Hi all I’m using Standard Server 8 as mail server, samba, domain, proxy and firewall. (SuSE standard installation + pptpd as vpn all is up to date) My setup is: XP clients on Local LAN1<->Server<->Local LAN2<->DSL router<->internet<->XP road warriors and MS vpn server with official IP Multiple road warriors can vpn connect to Server without problems (even at the same time) and see LAN1. The problem is vpn from LAN 1 to MS vpn server (never fails from LAN2) Can only connect occasionally, if I get connection I can repeat it but then others can not connect. If I move the PC that could connect within LAN1 I can’t connect again. The only way to reconnect is to give the command SuSEfirewall2, even using SuSEfirewall2 test doesn’t work. Firewall doesn’t block any vpn traffic according to logs Any ideas? LAN1 192.168.50.0 eth0 on server LAN2 192.168.100.0 eth1 on server DSL router does NAT and forwards traffic to server, has official fixed IP on outside but inside is LAN2 FW_DEV_EXT="eth1 ppp+" FW_DEV_INT="eth0" FW_DEV_DMZ="" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="192.168.50.0/24,MS vpn server IP/24" FW_PROTECT_FROM_INTERNAL="no" FW_AUTOPROTECT_SERVICES="yes" FW_SERVICES_EXT_TCP="1723 smtp" FW_SERVICES_EXT_UDP="" FW_SERVICES_EXT_IP="gre" FW_SERVICES_INT_TCP="1723" FW_SERVICES_INT_UDP="" FW_SERVICES_INT_IP="gre" FW_TRUSTED_NETS="" FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes" FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes" FW_SERVICE_AUTODETECT="no" FW_SERVICE_DNS="yes" FW_SERVICE_DHCLIENT="auto" FW_SERVICE_DHCPD="yes" FW_SERVICE_SQUID="yes" FW_SERVICE_SAMBA="yes" FW_FORWARD="" FW_FORWARD_MASQ="" FW_REDIRECT="192.168.50.0/255.255.255.0,0/0,tcp,80,8080 \ 192.168.50.0/255.255.255.0,0/0,tcp,21,2121" FW_KERNEL_SECURITY="yes" FW_STOP_KEEP_ROUTING_STATE="no" -- regards Gudmundur Arnljotsson B.Sc Independent Scales Ltd 100a Hayton Road P.O. Box 8098 Christchurch Tel Office 03-341 1324 Mobile 021 475 581